Bering Straits Native Corporation (BSNC)
Information Systems Security Officer (ISSO)
Bering Straits Native Corporation (BSNC), Washington, District of Columbia, us, 20022
Overview:
Visit our website at
www.beringstraits.com
to apply!Job specifications are intended to present a descriptive list of the range of duties performed by employees. Specifications are not intended to reflect all duties performed within the job.SUMMARYBering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Information Systems Security Officer, for a government client in Washington, DC. The selected candidate will serve as an Information Systems Security Officer (ISSO) in the Office of the Chief Information Security Officer (CISO) of a large federal government client. The selected individual will guide system owners, designated IT security personnel in the program offices, and other staff in fulfilling Federal Information Security Management Act (FISMA) requirements. The ISSO works to analyze, plan, and execute the work necessary to ensure the confidentiality, integrity and availability of the federal clients IT systems, network, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures and tools.ESSENTIAL DUTIES & RESPONSIBILITIESPlan, develop, and conduct security testing including vulnerability and compliance scans. Analyze and assess results based on risk to clients information systems. Lead remediation efforts for legitimate vulnerabilities and document false-positives or deviations from clients security policy and federal guidelines.Plan, develop, and conduct contingency plan testing, training, and exercises for clients information systems in accordance with clients IT security policies and System Security Plan (SSP). Utilize test results to update and improve information system contingency planning.Lead and facilitate meetings with system owners and technical personnel to categorize IT systems, define system boundaries, and establish and maintain information security standards and procedures in compliance with information security and risk management policies, standards, and guidelines.Monitor and review Security Assessments and Authorizations (SA&A) including security testing and evaluations to ensure adherence to clients security policy as well as FISMA and NIST requirements.Perform updates and maintain baselines for System Security Plans and other Security Assessment and Authorization artifacts.Provide expert security advice to system development organizations to ensure adequate security controls are included in each system lifecycle phase.Develop and implement Plans of Action & Milestones (POA&Ms) where and when security controls are insufficient.Provide IT security policy guidance to clients executive management, staff, and contract partners and suppliers.Conduct risk assessments to identify and mitigate risk to IT systems, facilities, and critical assets.Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies.Interacts with government client for all projects and planningQUALIFICATIONS - EXPERIENCE, EDUCATION AND CERTIFICATIONRequired (Minimum) QualificationsTechnical background Experience working as any of the following:Software application developerSystem administratorNetwork engineerIT Helpdesk Tier II or aboveBachelors Degree or higher in information technology or information security-related fieldKnowledge, Skills and AbilitiesBasic-level understanding of common computer and networking technologies:
TCP/IP stackWindows operating systemsLinux/Unix-based operating systemsNetworking technologies (routing, switching, VLANs, subnets, firewalls)Common networking protocols SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etcCommon enterprise technologies Active Directory, Group Policy, VMware vSphere
Interest in security/hacking culture. Ability to think like an attacker
Certifications of interest:Security+Certified Authorization Professional (CAP)Project Management Professional (PMP)Microsoft Certified Solutions Associate (MCSA)Red Hat Certified System Administrator (RHCSA)
PreferredN/ANECESSARY PHYSICAL REQUIREMENTSThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about.DOT COVERED/SAFETY-SENSITIVE ROLE REQUIREMENTSThis position
is not subject
to federal requirements regarding Department of Transportation safety-sensitive functions.WORK ENVIRONMENTWork Environment characteristics described here are representative of those that must be borne by an employee to successfully perform the essential functions of this job.Job is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse and multi-line telephone system. The work described herein is primarily a modern office setting. Occasional travel may be required.SUPERVISORY RESPONSIBILITIESNo supervisory responsibilities.ADDITIONAL QUALIFYING FACTORSPublic Trust or the ability to obtain and maintain a Public Trust clearance. (Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Accordingly, U.S. Citizenship is required.)Shareholder Preference.
BSNC gives hiring, promotion, training and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.Bering Straits Native Corporation
is an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender, or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.Equal Opportunity Employer/Veterans/DisabledWe participate in the E-Verify Employment Verification Program. We are a drug free workplace.
Visit our website at
www.beringstraits.com
to apply!Job specifications are intended to present a descriptive list of the range of duties performed by employees. Specifications are not intended to reflect all duties performed within the job.SUMMARYBering Global Solutions, LLC, a subsidiary of Bering Straits Native Corporation is currently seeking a qualified Information Systems Security Officer, for a government client in Washington, DC. The selected candidate will serve as an Information Systems Security Officer (ISSO) in the Office of the Chief Information Security Officer (CISO) of a large federal government client. The selected individual will guide system owners, designated IT security personnel in the program offices, and other staff in fulfilling Federal Information Security Management Act (FISMA) requirements. The ISSO works to analyze, plan, and execute the work necessary to ensure the confidentiality, integrity and availability of the federal clients IT systems, network, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures and tools.ESSENTIAL DUTIES & RESPONSIBILITIESPlan, develop, and conduct security testing including vulnerability and compliance scans. Analyze and assess results based on risk to clients information systems. Lead remediation efforts for legitimate vulnerabilities and document false-positives or deviations from clients security policy and federal guidelines.Plan, develop, and conduct contingency plan testing, training, and exercises for clients information systems in accordance with clients IT security policies and System Security Plan (SSP). Utilize test results to update and improve information system contingency planning.Lead and facilitate meetings with system owners and technical personnel to categorize IT systems, define system boundaries, and establish and maintain information security standards and procedures in compliance with information security and risk management policies, standards, and guidelines.Monitor and review Security Assessments and Authorizations (SA&A) including security testing and evaluations to ensure adherence to clients security policy as well as FISMA and NIST requirements.Perform updates and maintain baselines for System Security Plans and other Security Assessment and Authorization artifacts.Provide expert security advice to system development organizations to ensure adequate security controls are included in each system lifecycle phase.Develop and implement Plans of Action & Milestones (POA&Ms) where and when security controls are insufficient.Provide IT security policy guidance to clients executive management, staff, and contract partners and suppliers.Conduct risk assessments to identify and mitigate risk to IT systems, facilities, and critical assets.Evaluate and assess network security configurations and recommend corrective actions to mitigate identified deficiencies.Interacts with government client for all projects and planningQUALIFICATIONS - EXPERIENCE, EDUCATION AND CERTIFICATIONRequired (Minimum) QualificationsTechnical background Experience working as any of the following:Software application developerSystem administratorNetwork engineerIT Helpdesk Tier II or aboveBachelors Degree or higher in information technology or information security-related fieldKnowledge, Skills and AbilitiesBasic-level understanding of common computer and networking technologies:
TCP/IP stackWindows operating systemsLinux/Unix-based operating systemsNetworking technologies (routing, switching, VLANs, subnets, firewalls)Common networking protocols SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etcCommon enterprise technologies Active Directory, Group Policy, VMware vSphere
Interest in security/hacking culture. Ability to think like an attacker
Certifications of interest:Security+Certified Authorization Professional (CAP)Project Management Professional (PMP)Microsoft Certified Solutions Associate (MCSA)Red Hat Certified System Administrator (RHCSA)
PreferredN/ANECESSARY PHYSICAL REQUIREMENTSThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about.DOT COVERED/SAFETY-SENSITIVE ROLE REQUIREMENTSThis position
is not subject
to federal requirements regarding Department of Transportation safety-sensitive functions.WORK ENVIRONMENTWork Environment characteristics described here are representative of those that must be borne by an employee to successfully perform the essential functions of this job.Job is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse and multi-line telephone system. The work described herein is primarily a modern office setting. Occasional travel may be required.SUPERVISORY RESPONSIBILITIESNo supervisory responsibilities.ADDITIONAL QUALIFYING FACTORSPublic Trust or the ability to obtain and maintain a Public Trust clearance. (Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Accordingly, U.S. Citizenship is required.)Shareholder Preference.
BSNC gives hiring, promotion, training and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.Bering Straits Native Corporation
is an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender, or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.Equal Opportunity Employer/Veterans/DisabledWe participate in the E-Verify Employment Verification Program. We are a drug free workplace.